SDCICD-1380: add dynamic operator catalog build pipeline

[jbpratt]

create a new pipeline based on the fbc-builder pipeline which injects two tasks (opm-get-bundle-version and opm-render-bundles) in order to dynamically generate an OLM catalog based on the provided OLM bundle image.

The patch replaces build-container and build-image-index with the new tasks and shifts build-container down to replace deprecated-base-image-check. We control the base image version through the opm-render-bundles task, so I don't think it needs to be checked for deprecation.

This pipeline has been developed with SRE-P's usecase in mind of not maintaing an upgrade graph or multiple channels. It may not meet the needs of others directly without modification.

This is the second of two pipelines that will be submitted. The first (dynamic operator bundle) is blocked on operator versioning which I'm actively working on.

apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
  labels:
    pipelines.openshift.io/runtime: fbc
    pipelines.openshift.io/strategy: fbc
    pipelines.openshift.io/used-by: build-cloud
  name: dynamic-operator-catalog-build
spec:
  description: |
    This pipeline is used to generated an OLM catalog based on the provided
    bundle images and version. The catalog is generated by initalizing a new
    package config blob then rendering the provided OLM bundle image into a
    single entry channel.
  finally:
  - name: show-sbom
    params:
    - name: IMAGE_URL
      value: $(tasks.build-image-index.results.IMAGE_URL)
    taskRef:
      name: show-sbom
      version: "0.1"
  - name: show-summary
    params:
    - name: pipelinerun-name
      value: $(context.pipelineRun.name)
    - name: git-url
      value: $(tasks.clone-repository.results.url)?rev=$(tasks.clone-repository.results.commit)
    - name: image-url
      value: $(params.output-image)
    - name: build-task-status
      value: $(tasks.build-image-index.status)
    taskRef:
      name: summary
      version: "0.2"
    workspaces:
    - name: workspace
      workspace: workspace
  params:
  - description: Source Repository URL
    name: git-url
    type: string
  - default: ""
    description: Revision of the Source Repository
    name: revision
    type: string
  - description: Fully Qualified Output Image
    name: output-image
    type: string
  - default: "false"
    description: Force rebuild image
    name: rebuild
    type: string
  - default: "false"
    description: Execute the build with network isolation
    name: hermetic
    type: string
  - default: ""
    description: Image tag expiration time, time values could be something like 1h,
      2d, 3w for hours, days, and weeks, respectively.
    name: image-expires-after
  - default: ""
    description: ""
    name: operator-name
    type: string
  - default: ""
    description: ""
    name: operator-bundle-image
    type: string
  - default: stable
    description: The channel name that OLM subscriptions will default
    name: default-channel
    type: string
  results:
  - name: IMAGE_URL
    value: $(tasks.build-image-index.results.IMAGE_URL)
  - name: IMAGE_DIGEST
    value: $(tasks.build-image-index.results.IMAGE_DIGEST)
  - name: CHAINS-GIT_URL
    value: $(tasks.clone-repository.results.url)
  - name: CHAINS-GIT_COMMIT
    value: $(tasks.clone-repository.results.commit)
  tasks:
  - name: init
    params:
    - name: image-url
      value: $(params.output-image)
    - name: rebuild
      value: $(params.rebuild)
    taskRef:
      name: init
      version: "0.2"
  - name: clone-repository
    params:
    - name: url
      value: $(params.git-url)
    - name: revision
      value: $(params.revision)
    runAfter:
    - init
    taskRef:
      name: git-clone
      version: "0.1"
    when:
    - input: $(tasks.init.results.build)
      operator: in
      values:
      - "true"
    workspaces:
    - name: output
      workspace: workspace
    - name: basic-auth
      workspace: git-auth
  - name: opm-get-bundle-version
    params:
    - name: bundle-image
      value: $(params.operator-bundle-image)
    runAfter:
    - clone-repository
    taskRef:
      name: opm-get-bundle-version
      version: "0.1"
    workspaces:
    - name: workspace
      workspace: workspace
  - name: opm-render-bundles
    params:
    - name: bundle-images
      value: $(params.operator-bundle-image)
    - name: operator-name
      value: $(params.operator-name)
    - name: operator-version
      value: v$(tasks.opm-get-bundle-version.results.bundle-version)
    - name: default-channel
      value: $(params.default-channel)
    runAfter:
    - opm-get-bundle-version
    taskRef:
      name: opm-render-bundles
      version: "0.1"
    workspaces:
    - name: source
      workspace: workspace
  - name: build-container
    params:
    - name: IMAGE
      value: $(params.output-image)
    - name: DOCKERFILE
      value: catalog.Dockerfile
    - name: CONTEXT
      value: .
    - name: HERMETIC
      value: $(params.hermetic)
    - name: IMAGE_EXPIRES_AFTER
      value: $(params.image-expires-after)
    - name: COMMIT_SHA
      value: $(tasks.clone-repository.results.commit)
    runAfter:
    - opm-render-bundles
    taskRef:
      name: buildah
      version: "0.2"
    workspaces:
    - name: source
      workspace: workspace
  - name: apply-tags
    params:
    - name: IMAGE
      value: $(tasks.build-image-index.results.IMAGE_URL)
    runAfter:
    - build-container
    taskRef:
      name: apply-tags
      version: "0.1"
  - name: inspect-image
    params:
    - name: IMAGE_URL
      value: $(tasks.build-image-index.results.IMAGE_URL)
    - name: IMAGE_DIGEST
      value: $(tasks.build-image-index.results.IMAGE_DIGEST)
    runAfter:
    - build-container
    taskRef:
      name: inspect-image
      version: "0.1"
    when:
    - input: $(params.skip-checks)
      operator: in
      values:
      - "false"
    workspaces:
    - name: source
      workspace: workspace
  - name: fbc-validate
    params:
    - name: IMAGE_URL
      value: $(tasks.build-image-index.results.IMAGE_URL)
    - name: IMAGE_DIGEST
      value: $(tasks.build-image-index.results.IMAGE_DIGEST)
    - name: BASE_IMAGE
      value: $(tasks.inspect-image.results.BASE_IMAGE)
    runAfter:
    - build-container
    taskRef:
      name: fbc-validation
      version: "0.1"
    when:
    - input: $(params.skip-checks)
      operator: in
      values:
      - "false"
    workspaces:
    - name: workspace
      workspace: workspace
  - name: fbc-related-image-check
    runAfter:
    - build-container
    taskRef:
      name: fbc-related-image-check
      version: "0.1"
    when:
    - input: $(params.skip-checks)
      operator: in
      values:
      - "false"
    workspaces:
    - name: workspace
      workspace: workspace
  workspaces:
  - name: workspace
  - name: git-auth
    optional: true